Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/85ED6FDE476E11F0ABD0B828C4F9AE02.roa
File: 85ED6FDE476E11F0ABD0B828C4F9AE02.roa (raw, json)
Hash identifier: mOdgVNKVjhxP/VACy2QE6CVYmVXI13xMzlVaxvUuVBQ=
Subject key identifier: EF:27:61:C5:A4:8C:DC:81:8A:CD:B3:1E:E7:1A:07:F8:9C:DD:73:8A
Certificate issuer: /CN=A912C738/serialNumber=7FB23916037E9332966376F2E075541224162AF4
Certificate serial: 05D5
Authority key identifier: 7F:B2:39:16:03:7E:93:32:96:63:76:F2:E0:75:54:12:24:16:2A:F4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f7I5FgN-kzKWY3by4HVUEiQWKvQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/85ED6FDE476E11F0ABD0B828C4F9AE02.roa
Signing time: Fri 27 Jun 2025 06:49:55 +0000
ROA not before: Fri 27 Jun 2025 06:49:55 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 16509
IP address blocks: 199.166.34.0/23 maxlen: 23
199.166.36.0/23 maxlen: 23
199.166.37.0/24 maxlen: 24
207.189.184.0/24 maxlen: 24
207.189.185.0/24 maxlen: 24
207.189.186.0/24 maxlen: 24
207.189.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 12:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1493 (0x5d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C738, serialNumber=7FB23916037E9332966376F2E075541224162AF4
Validity
Not Before: Jun 27 06:49:55 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=685e3f12-89bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2f:20:0a:2e:d2:e7:31:9e:12:42:7a:91:4d:
cd:0c:4b:18:c7:9a:11:77:b6:ca:7f:2b:48:79:ce:
06:ca:23:3a:9a:3c:1b:73:60:1d:01:61:bb:92:bb:
fc:3d:20:4e:63:eb:ee:9b:f8:93:be:08:43:ea:c3:
12:9b:3b:31:28:ea:b8:d1:a5:e9:d9:d0:99:99:e6:
cb:fe:df:b1:3a:5a:7f:ce:19:0b:10:af:18:09:29:
27:ff:ea:76:33:bb:40:bf:4c:6a:1f:1c:15:73:fc:
61:52:eb:61:4a:c4:89:19:1c:ef:4c:c9:e7:0d:c5:
f9:34:6e:25:99:2c:98:84:77:3b:f2:8c:4e:f6:96:
3a:68:b8:02:12:f0:00:76:d7:a9:03:88:16:90:9f:
0f:c0:4a:d0:a5:b7:cc:80:f7:42:95:1b:63:2e:b2:
81:53:80:74:36:2f:28:f2:c7:45:ff:1d:9f:96:ff:
a9:40:9f:a8:ae:5d:85:d1:9b:5b:6f:66:fe:12:b1:
c5:9b:2b:ba:ca:64:be:78:bd:a3:e0:2a:b9:d9:b2:
47:2e:98:7a:d6:ea:74:9a:92:b3:3c:fe:f8:24:22:
89:7b:00:7f:88:c1:80:b7:81:a0:6e:62:8f:ee:68:
11:7c:44:d2:df:2c:ba:8a:7e:75:50:cc:16:32:f8:
04:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:27:61:C5:A4:8C:DC:81:8A:CD:B3:1E:E7:1A:07:F8:9C:DD:73:8A
X509v3 Authority Key Identifier:
keyid:7F:B2:39:16:03:7E:93:32:96:63:76:F2:E0:75:54:12:24:16:2A:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/f7I5FgN-kzKWY3by4HVUEiQWKvQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f7I5FgN-kzKWY3by4HVUEiQWKvQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/85ED6FDE476E11F0ABD0B828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
199.166.34.0-199.166.37.255
207.189.184.0/22
Signature Algorithm: sha256WithRSAEncryption
13:06:90:87:79:5f:69:b0:d3:59:e7:b2:00:af:3b:e7:ad:eb:
9a:f3:c9:1f:fd:5c:74:09:03:bb:43:da:de:13:7a:52:d5:c7:
3c:48:b3:a3:df:72:48:21:a4:15:8e:17:ed:46:07:56:11:13:
75:b0:3b:78:bf:ca:46:d4:c0:a1:0e:13:fc:06:95:5f:a5:dc:
f2:2e:12:9a:03:64:52:f4:94:2b:04:84:9b:87:92:38:86:61:
dd:0b:86:34:26:33:98:34:61:a2:a1:fa:24:f2:d1:f4:59:85:
03:88:68:6c:92:9c:d8:37:38:1c:26:8f:59:f1:60:0e:ab:de:
9e:3e:6e:3e:76:25:49:27:4b:20:85:6b:bb:38:3e:dd:7d:00:
7d:48:3e:20:55:c9:f6:4d:7b:1f:7b:81:44:95:51:78:87:37:
d6:3a:77:44:51:01:c0:23:f3:65:8e:c3:c6:23:b1:85:ad:75:
74:d1:fe:bb:6c:cc:90:56:c0:41:36:43:90:d1:f4:f8:68:48:
f2:7d:09:85:df:cc:d3:ba:91:96:d1:a8:33:88:68:a4:5d:56:
35:f0:77:6b:bb:29:67:4c:69:82:61:c4:88:cb:66:92:1b:1f:
0c:02:51:65:11:4a:de:54:29:18:1a:6e:df:30:0a:e3:00:24:
a1:1b:b8:42
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM3MzgxMTAvBgNVBAUTKDdGQjIzOTE2MDM3RTkzMzI5NjYzNzZGMkUwNzU1NDEy
MjQxNjJBRjQwHhcNMjUwNjI3MDY0OTU1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVlM2YxMi04OWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8y8gCi7S5zGeEkJ6kU3NDEsYx5oRd7bKfytIec4GyiM6mjwbc2AdAWG7krv8
PSBOY+vum/iTvghD6sMSmzsxKOq40aXp2dCZmebL/t+xOlp/zhkLEK8YCSkn/+p2
M7tAv0xqHxwVc/xhUuthSsSJGRzvTMnnDcX5NG4lmSyYhHc78oxO9pY6aLgCEvAA
dtepA4gWkJ8PwErQpbfMgPdClRtjLrKBU4B0Ni8o8sdF/x2flv+pQJ+orl2F0Ztb
b2b+ErHFmyu6ymS+eL2j4Cq52bJHLph61up0mpKzPP74JCKJewB/iMGAt4GgbmKP
7mgRfETS3yy6in51UMwWMvgEPwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFO8nYcWk
jNyBis2zHucaB/ic3XOKMB8GA1UdIwQYMBaAFH+yORYDfpMylmN28uB1VBIkFir0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzczOC8zMjBDM0E5QUM5
RDExMUVCOERDNUQyMTBDNEY5QUUwMi9mN0k1RmdOLWt6S1dZM2J5NEhWVUVpUVdL
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2Y3STVGZ04ta3pLV1kzYnk0SFZVRWlRV0t2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM3MzgvMzIwQzNBOUFDOUQxMTFFQjhEQzVEMjEwQzRGOUFFMDIvODVFRDZGREU0
NzZFMTFGMEFCRDBCODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAcemIgMEAcemJAMEAs+9uDANBgkqhkiG9w0BAQsFAAOC
AQEAEwaQh3lfabDTWeeyAK87563rmvPJH/1cdAkDu0Pa3hN6UtXHPEizo99ySCGk
FY4X7UYHVhETdbA7eL/KRtTAoQ4T/AaVX6Xc8i4SmgNkUvSUKwSEm4eSOIZh3QuG
NCYzmDRhoqH6JPLR9FmFA4hobJKc2Dc4HCaPWfFgDqvenj5uPnYlSSdLIIVruzg+
3X0AfUg+IFXJ9k17H3uBRJVReIc31jp3RFEBwCPzZY7DxiOxha11dNH+u2zMkFbA
QTZDkNH0+GhI8n0Jhd/M07qRltGoM4hopF1WNfB3a7spZ0xpgmHEiMtmkhsfDAJR
ZRFK3lQpGBpu3zAK4wAkoRu4Qg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 19:51:38 2025 by rpki-client